<?php
//安全相关
class lib_security{
	
	private static $strict;//是否严格阻止注入攻击
	
	//处理sql注入
	public static function killinject($post,$strict = true){
		if (is_string($post)){
			$post = array($post);
		}
		self::$strict = (bool)$strict;//是否严格阻止注入攻击
		array_walk_recursive($post,array('self','DOkillinject'));
		return $post;
	}
	private static function DOkillinject(&$value, $key){
		if (!is_string($value)) return false;
		
		if (self::$strict){
			if (false !== strpos($value,'<script')){
				die('未知错误，系统运行中止');
			}
			if (false !== strpos($value,'script>')){
				die('未知错误，系统运行中止');
			}
			if (false !== strpos($value,'user()')){
				die('未知错误，系统运行中止');
			}
			if (false !== strpos($value,'database()')){
				die('未知错误，系统运行中止');
			}
			if (false !== strpos($value,'version()')){
				die('未知错误，系统运行中止');
			}
			if (false !== strpos($value,'information_schema')){
				die('未知错误，系统运行中止');
			}
		}
		
		$value = htmlspecialchars(htmlspecialchars_decode($value));
		return true;
	}
	//--END--处理sql注入
	
	//用户密码加密
	public static function passEncode($str){
		$tmp1 = md5($str);
		$tmp2 = str_replace(array('e','a','b','l','z','1','0','o'),
		array('8','2','*','%','d','&','m',';'),$tmp1);
		$tmp3 = implode('',array_reverse(str_split($tmp2,8)));
		$encode = sha1(md5($tmp3));
		return $encode;
	}
	
	//普通加密
	public static function encrypt($str){
		$tmp1 = implode('',array_reverse(str_split($str)));
		$tmp2 = bin2hex(mcrypt_encrypt(MCRYPT_RIJNDAEL_128, "6461772803150152", $tmp1, MCRYPT_MODE_CBC, "8108547186756005"));
		return $encode = $tmp2;
	}
	//普通解密
	public static function decrypt($str){
		$tmp1 = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, "6461772803150152", pack('H*',$str), MCRYPT_MODE_CBC, "8108547186756005");
		$tmp2 = implode('',array_reverse(str_split($tmp1)));
		return $decode = $tmp2;
	}
}